package com.example.eurekaserver01.config;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * description: WebSecurityConfig <br>
 * date: 2021/5/26 23:37 <br>
 * author: xiehui <br>
 * version: 1.0 <br>
 */

@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {


    //方案一：
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        super.configure(http); // 访问eureka控制台权限控制
        http.csrf().ignoringAntMatchers("/eureka/**");//对于eureka的请求不检查CSRF
    }

   /* @Override //方案二：
    protected void configure(HttpSecurity http) throws Exception {
        // 注意如果disable安全验证也会禁用掉
        http.csrf().disable()
                .authorizeRequests().anyRequest().authenticated().and().httpBasic();
    }*/


}
